List of usage examples for org.springframework.security.config.annotation.web.builders HttpSecurity authorizeRequests
public ExpressionUrlAuthorizationConfigurer<HttpSecurity>.ExpressionInterceptUrlRegistry authorizeRequests() throws Exception
From source file:org.fon.documentmanagementsystem.config.security.SecurityConfig.java
@Override protected void configure(HttpSecurity http) throws Exception { http.authorizeRequests().antMatchers("/resources/**").permitAll().antMatchers("/subsystems/**") .hasAuthority("SUPERADMIN").antMatchers("/admins/adm/**").hasAuthority("SUPERADMIN") .antMatchers("/admins/usr/**").hasAuthority("ADMIN").antMatchers("/processes/adm/**") .hasAuthority("ADMIN").antMatchers("/processes/usr/**").hasAuthority("USER") .antMatchers("/documenttypes/**").hasAuthority("ADMIN").antMatchers("/activity/adm/**") .hasAuthority("ADMIN").antMatchers("/activity/user/**").hasAuthority("USER") .antMatchers("/documents/**").hasAuthority("USER") // .antMatchers("/api/processes/**").hasAuthority("ADMIN") // .antMatchers("/api/processes/**").hasAuthority("USER") .anyRequest().authenticated().and().exceptionHandling().accessDeniedPage("/403").and().formLogin() .loginPage("/login").permitAll().and().logout().logoutUrl("/logout").logoutSuccessUrl("/login") .and().csrf().disable();/*from w w w . j av a2 s . c o m*/ }
From source file:com.ucrisko.libroomreserve.config.WebSecurityConfig.java
@Override protected void configure(HttpSecurity http) throws Exception { http.authorizeRequests() //.antMatchers(HttpMethod.GET, "/users").authenticated() .anyRequest().permitAll().and().formLogin().loginPage("/signin").successHandler(authSuccess) .failureHandler(authFailure).and().logout().permitAll().and() .addFilterAfter(new CsrfHeaderFilter(), CsrfFilter.class).csrf() .csrfTokenRepository(csrfTokenRepository()); }
From source file:org.watterssoft.SecurityConfig.java
@Override protected void configure(HttpSecurity http) throws Exception { http.authorizeRequests() .antMatchers("/resources/**", "/signup", "/about", "/jquery/**", "/js/**", "/logout").permitAll() .antMatchers("/admin/**").hasRole("ADMIN").antMatchers("/db/**") .access("hasRole('ROLE_ADMIN') and hasRole('ROLE_DBA')").anyRequest().authenticated().and() .formLogin().loginPage("/login").defaultSuccessUrl("/").permitAll(); http.csrf().disable();/* w ww . j a v a 2 s .c o m*/ }
From source file:br.com.fpu.eiiv.qrcode.WebSecurityConfiguration.java
@Override protected void configure(HttpSecurity http) throws Exception { // @formatter:off http.authorizeRequests().antMatchers("/**").hasRole("USER").and().httpBasic().and().csrf().disable(); // @formatter:on }
From source file:org.fede.calculator.web.SecurityConfig.java
@Override protected void configure(HttpSecurity http) throws Exception { http.authorizeRequests().antMatchers("/secure/**").access("isFullyAuthenticated()").and().formLogin() .loginPage("/loginPage").loginProcessingUrl("/login").and().headers().contentTypeOptions().disable() .and().logout().logoutUrl("/logout").logoutSuccessUrl("/").invalidateHttpSession(true).and() .rememberMe().useSecureCookie(true); }
From source file:com.redhat.rhtracking.config.SecurityConfig.java
@Override protected void configure(HttpSecurity http) throws Exception { http.authorizeRequests().antMatchers("/resources/**").permitAll().antMatchers("/**").hasRole("USER") .anyRequest().anonymous().and() //This will generate a login form if none is supplied. .formLogin();// w w w .j a v a2s . co m }
From source file:jp.pigumer.security.WebSecurityConfig.java
@Override protected void configure(HttpSecurity http) throws Exception { http.authorizeRequests().antMatchers("/").permitAll().anyRequest().authenticated(); http.addFilterAfter(exampleFilter(), BasicAuthenticationFilter.class); http.csrf().disable();/*from w w w.ja va 2 s . c om*/ }
From source file:de.dominikschadow.javasecurity.spring.SecurityConfig.java
@Override protected void configure(HttpSecurity http) throws Exception { http.authorizeRequests().antMatchers("/*", "/resources/css/*").permitAll().antMatchers("/users/**") .hasRole("USER").and().formLogin().defaultSuccessUrl("/users/user").and().logout() .logoutSuccessUrl("/"); }
From source file:com.itn.configuration.SecurityConfiguration.java
@Override protected void configure(HttpSecurity http) throws Exception { http.authorizeRequests().antMatchers("/", "/home").permitAll().antMatchers("/admin/**") .access("hasRole('ADMIN')").antMatchers("/user/**").access("hasRole('USER')") // .and().formLogin(). To make default login page .and().formLogin().loginPage("/login")//to make custome login page .usernameParameter("username").passwordParameter("password").and().csrf().disable()//This line is optional .exceptionHandling().accessDeniedPage("/Access_Denied");// }
From source file:io.gravitee.management.security.config.oauth2.OAuth2SecurityConfigurerAdapter.java
@Override public void configure(HttpSecurity http) throws Exception { http.authorizeRequests().antMatchers("/**").access("#oauth2.hasScope('read')"); }